The critical-op PodDisruptionBudget was previously created permanently,
but its selector (critical-operation=true) matched no pods during normal
operation. This caused false alerts in monitoring systems like
kube-prometheus-stack because the PDB expected healthy pods but none
matched.
Changes:
- Modified syncCriticalOpPodDisruptionBudget to check if any pods have
the critical-operation label before creating/keeping the PDB
- PDB is now created on-demand when pods are labeled (e.g., during
major version upgrades) and deleted when labels are removed
- Updated majorVersionUpgrade to explicitly create/delete the PDB
around the critical operation for immediate protection
- Removed automatic critical-op PDB creation from initial cluster setup
- Added test to verify on-demand PDB creation and deletion behavior,
including edge cases for idempotent create/delete operations
The explicit PDB creation in majorVersionUpgrade ensures immediate
protection before the critical operation starts. The sync function
serves as a safety net for edge cases like bootstrap (where Patroni
applies labels) or operator restarts during critical operations.
Fixes#3020
513291c58d